If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Website password cracker?

This has been bothering me for awhile now...

My buddy has a web server and hosts a few sites. One of his sites has a forum with a login function. He knows I play around with pentesting and such, and challenged me to crack the security on the login.

At first I went through a few basic sweeps, tried SQL injection, tried modifying the source code to bypass it. The basic stuff didn't work, and I'm still working on it. I have one question, though.

I'm sort of familiar with password crackers such as Cain and John the Ripper. I'm wondering, is there a program that can run a wordlist through a website login form? Does anybody have any ideas on the matter?

My buddy has a web server and hosts a few sites. One of his sites has a forum with a login function. He knows I play around with pentesting and such, and challenged me to crack the security on the login.

At first I went through a few basic sweeps, tried SQL injection, tried modifying the source code to bypass it. The basic stuff didn't work, and I'm still working on it. I have one question, though.

I'm sort of familiar with password crackers such as Cain and John the Ripper. I'm wondering, is there a program that can run a wordlist through a website login form? Does anybody have any ideas on the matter?

Thanks in advance.

I can't belive that people come to a tech linux pentesting forum and think were going to fall for the old "my buddy bet me I couldn't hack his site". Anyway a simple search of the perfectly laid out back track menu should yeild a few "online passord" tools. No I will not help you use them though because this story stinks of social engineering. Have a great day